package com.qph.app.system.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.qph.base.security.entity.User;
import com.qph.utils.encrypt.Md5Encrypt;

@Controller
public class LoginController {
	
	/**
	 * 登录 
	 * @param currUser
	 * @param session
	 * @param request
	 * @return
	 */
	@RequestMapping(value = "/login" ,method=RequestMethod.POST,produces={"application/json;charset=UTF-8"})
	public String login(User currUser,HttpSession session, HttpServletRequest request){
		Subject user = SecurityUtils.getSubject();
		UsernamePasswordToken token = new UsernamePasswordToken(currUser.getUsername(),Md5Encrypt.encrypt(currUser.getPassword()));
		token.setRememberMe(true);
		try {
			user.login(token);
			return "/comm/index";
		}catch (AuthenticationException e) {
			e.printStackTrace();
			token.clear();
			return "redirect:/";
		}
	}

	
	/**
	 * 注销
	 * @return
	 */
	@RequestMapping(value = "/logout")
	public String logout(){
		
		Subject user = SecurityUtils.getSubject();
		user.logout();
		return "/comm/login";
	}
}
